<?php
die;
require_once '../../../includes/base.php';
$base = new Base();
$base->_init_all();
global $_G;

$base_root = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
$base_url = $base_root .= '://'. $_SERVER['HTTP_HOST'];
if ($dir = trim(dirname($_SERVER['SCRIPT_NAME']), '\,/')) {
    $base_path = "/$dir";
    $base_url .= $base_path;
    $base_path .= '/';
}else {
    $base_path = '/';
}
$base_url = substr($base_url,0,-18);
$dir_level = 3; 
$root_dir = dirname(__FILE__);
for($i=1;$i<=$dir_level;$i++) {
    $root_dir = dirname($root_dir);
}

//$config = get_setting_file($root_dir);
//include($root_dir.'/'.$config);	

$save_path = $root_dir.'/' .DATA_DIR. 'files/';
$self = explode("/",dirname($_SERVER['PHP_SELF']));
for($i=1;$i<=$dir_level;$i++) {
    array_pop($self);
}
$url_root = $self ? implode("/", $self) : '/';

if (@is_dir($save_path) === false) {
    if(!@mkdir($save_path)) {
        alert("上传目录({$save_path})不存在。");
    }
}
$save_path .= gdate('Ym') . '/';

if (@is_dir($save_path) === false) {
    if(!@mkdir($save_path)) {
        alert("上传子目录(".$save_path.gdate('Ym').")无法新建。");
    }
}
$save_url = $base_url .'/'.DATA_DIR. 'files/' . gdate('Ym') . '/';

//定义允许上传的文件扩展名
$ext_arr = array('gif', 'jpg', 'jpeg', 'png');
//最大文件大小
$max_size = 1000000;
//更改目录权限
@mkdir($save_path, 0777);

//有上传文件时
if (empty($_FILES) === false) {
    //原文件名
    $file_name = $_FILES['imgFile']['name'];
    //服务器上临时文件名
    $tmp_name = $_FILES['imgFile']['tmp_name'];
    //文件大小
    $file_size = $_FILES['imgFile']['size'];
    //文件类型
    $file_type = $_FILES['imgFile']['type'];
    //检查文件名
    if (!$file_name) {
        alert("请选择文件。");
    }
    //检查目录
    if (@is_dir($save_path) === false) {
        alert("上传目录不存在。");
    }
    //检查目录写权限
    if (@is_writable($save_path) === false) {
        alert("上传目录没有写权限。");
    }
    //检查是否已上传
    if (@is_uploaded_file($tmp_name) === false) {
        alert("临时文件可能不是上传文件。");
    }
    //检查文件大小
    if ($file_size > $max_size) {
        alert("上传文件大小超过限制。");
    }
    //获得文件扩展名
    $temp_arr = explode(".", $file_name);
    $file_ext = array_pop($temp_arr);
    $file_ext = trim($file_ext);
    $file_ext = strtolower($file_ext);
    //检查扩展名
    if (in_array($file_ext, $ext_arr) === false) {
        alert("上传文件扩展名是不允许的扩展名。");
    }
    //新文件名
    $new_file_name = gdate("YmdHms") . '_' . rand(10000, 99999) . '.' . $file_ext;
    //移动文件
    $file_path = $save_path . $new_file_name;
    if (move_uploaded_file($tmp_name, $file_path) === false) {
        alert("上传文件失败。");
    }
    //检查是否图片
    if(function_exists('getimagesize') && !@getimagesize($file_path)) {
        @unlink($file_path);
        alert('未知的图片文件。');
    }
    
    $data = array();
	$data['uid'] = $_G['uid'];
	$data['username'] = $_G['username'];
	$data['originalname'] = $file_name;
	$data['filepath'] = DATA_DIR. 'files/' . gdate('Ym') . '/'.$new_file_name;
	$data['filesize'] = $file_size;
	$data['filetype'] = $file_type;
	$data['fileext'] = $file_ext;
	$data['dateline'] = TIMESTAMP;
	$fileid = $_G['db']->insert('files',$data);
	$idarr[] = $fileid;	
	
    $idstr = get_cookie('user_upload_attachments'.$_G['uid']);
	$idstr = preg_match('/^([0-9]+(,[0-9])?)+$/', trim($idstr)) ? trim($idstr) : '';
	!empty($idstr) && $idstr .= ',';
	$idstr .= implode(',', $idarr);
	set_cookie('user_upload_attachments'.$_G['uid'], $idstr);
		
		
		
//    //打上水印
//    if($cfg['watermark']) {
//        include $root_dir . '/core/lib/image.php';
//        $IMG = new ms_image();
//        $IMG->watermark_postion = (int) $cfg['watermark_postion'];
//        $wmfile = $root_dir . '/static/images/watermark.png';
//        $IMG->watermark($file_path, $file_path, $wmfile);
//        unset($IMG);
//    }

    $file_url = $save_url . $new_file_name;
    echo '<html>';
    echo '<head>';
    echo '<title>Insert Image</title>';
    echo '<meta http-equiv="content-type" content="text/html; charset=utf-8">';
    echo '</head>';
    echo '<body>';
    echo '<script type="text/javascript">parent.KE.plugin["image"].insert("' . $_POST['id'] . '", "' . $file_url . '","' . $_POST['imgTitle'] . '","' . $_POST['imgWidth'] . '","' . $_POST['imgHeight'] . '","' . $_POST['imgBorder'] . '");</script>';
    echo '</body>';
    echo '</html>';
}

function alert($msg)
{
    echo '<html>';
    echo '<head>';
    echo '<title>error</title>';
    echo '<meta http-equiv="content-type" content="text/html; charset=utf-8">';
    echo '</head>';
    echo '<body>';
    echo '<script type="text/javascript">alert("'.$msg.'");history.back();</script>';
    echo '</body>';
    echo '</html>';
    exit;
}
?>